Risk analysis should be an ongoing process, in which a covered entity regularly reviews its records to track access to e-PHI and detect security incidents, periodically evaluates the effectiveness of security measures put in place, and regularly reevaluates potential risks to e-PHI.

HITECH – Meaningful use

IDTSOA offers a comprehensive and competitively priced computer based risk analysis (CBRA) that meets the required standards for meaningful use.

Controls Based Risk Assessment-

The Controls Based Risk Assessment is used to provide insight into the types of controls in relation to the classification level of information present on each information asset of the organization.

Objectives:

A clear description of each information asset

Classification of information on that asset

Initial risk of the asset

Description of controls and types of controls

Covering the asset

Residual risk after mitigation

Prioritized suggestions for improvement

External Vulnerability Assessment-

The External Vulnerability Assessment is designed to not only test available ports and services for known vulnerabilities, but also checks various Internet resources for information that would be harmful or present an exposure to the organization.

Objectives:

Identification of detected external vulnerabilities

Documentation of ports and services available to “anonymous” sources

Documentation of external information from various resources that may present concern to the organization

Prioritized suggestions for improvement and mitigation

Internal Vulnerability Assessment-

The Internal Vulnerability Assessment is designed to test available ports and services for known vulnerabilities, as well as various configurations, patch levels and architecture that may be detrimental to the security stance of the organization.

Objectives:

Identification of detected vulnerabilities

A prioritized list of mitigation steps

Documentation of ports and services evaluated

Documentation of detected configuration issues

An executive level overview report

A technical level report

To get a price estimate or if you have additional questions about the CBRA, please call a representative at (800)735-4850.

Inside the Industry

Our Clients Say

"Not only do they provide the necessary Federal Compliance documentation and training that your business must have in place, but they protect you and your family in the process. The best part is that it’s 100% employee paid so there is no cost to the company!"